Too long wiki page's title causes various impact.

Link:          https://hackerone.com/reports/414096
By:            @8ayac

Details: Summary: I have discovered various impacts caused by adding a wiki page whose title is too long, which violates the Availability and Integrity of the system.

Description: Adding a wiki page whose title is too long has several impacts.

Steps To Reproduce:

  1. Sign in to GitLab.
  2. Go to "http(s)://{GitLab host}/projects/new"
  3. Fill out "Project name" form with "testProject".
  4. Click "Create project" button.
  5. Go to "http(s)://{GitLab host}/{user id}/testProject/wikis/home?view=create".
  6. Fill out "Content" form with "poc".
  7. Click "Create page" button.
  8. Click "New page" button.
  9. Fill out "Page slug" form with "foo".
  10. Click "Create page" button.
  11. Fill out "Content" form with "poc".
  12. Click "Create page" button.
  13. Go to "http(s)://{GitLab host}/{user id}/testProject/wikis/foo/edit".
  14. Fill out "Title" form with 'A'*50000.
  15. Click "Save changes" button.

Result: A page titled AAAAAAAAAAA... is added. (The response to step 15 is 502 Bad Gateway.)

Supporting Material

I attached a movie.

Impact

  • Users cannot clone this repository with git clone.
  • Once an attacker has added the page whose title is too long, it cannot be deleted on the client side.
  • The user cannot view the history of the added page.

Mitigation

I think the following is effective.

  • Limit the number of characters in the title of wiki pages.
  • Create a page like a list of wiki pages, so that you can delete pages from there.
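
One way to implement the first mitigation is a server-side check that runs before the page is written. This is an added example, not code from the report or from GitLab. It assumes the title becomes a file path in the wiki's Git repository, and the module name and byte limits (255 bytes per name, 10 bytes reserved for the extension) are illustrative assumptions.

```ruby
# Added example: reject wiki titles that cannot be stored safely as file paths.
# All names and limits here are assumptions for illustration, not GitLab's code.
module WikiTitleCheck
  MAX_SEGMENT_BYTES  = 255   # assumed per-name limit of common filesystems
  EXTENSION_RESERVE  = 10    # assumed room for an extension such as ".md"
  MAX_FILENAME_BYTES = MAX_SEGMENT_BYTES - EXTENSION_RESERVE

  # Returns a list of error strings; an empty list means the title is accepted.
  def self.errors_for(raw_title)
    title = raw_title.to_s.dup.force_encoding("UTF-8")
    return ["title is not valid UTF-8"] unless title.valid_encoding?
    return ["title is blank"] if title.strip.empty?

    # A title may contain "/" to place the page in sub-directories, so every
    # path segment has to be checked, not only the title as a whole.
    *dirs, file = title.split("/", -1)
    errors = []

    dirs.each do |dir|
      if dir.empty?
        errors << "empty directory name in title"
      elsif dir.bytesize > MAX_SEGMENT_BYTES
        errors << "directory name exceeds #{MAX_SEGMENT_BYTES} bytes"
      end
    end

    # Limits are in bytes, not characters: multi-byte UTF-8 titles reach the
    # limit with far fewer characters than ASCII titles do.
    if file.empty?
      errors << "page name is empty"
    elsif file.bytesize > MAX_FILENAME_BYTES
      errors << "page name exceeds #{MAX_FILENAME_BYTES} bytes"
    end

    errors
  end
end

# Constructed sample input: the 50000-character title from step 14.
puts WikiTitleCheck.errors_for("A" * 50_000).inspect
```

The check has to run on the server for every code path that creates or renames a page, because a limit enforced only in the edit form can be bypassed by sending the request directly.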